package cn.mall.auth.interceptor;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Objects;

@Component
public class AuthInterceptor implements HandlerInterceptor {

    @Autowired
    private RedisTemplate redisTemplate;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
        //1.认证拦截
        //获取前端传过来的token
//        String token = request.getHeader("token");
//        //判断token是否为空，未登录
//        if (StringUtils.isEmpty(token)) {
//            response.getWriter().write("{\"success\":false,\"message\":\"noLogin\"}");
//            return false;
//        }
//        //判断登录用户信息是否为空，不为空就放行
//        //根据token去loginMap中获取用户信息
//        Object loginUser = redisTemplate.opsForValue().get(token);
////        System.out.println(loginUser);
//        if (Objects.isNull(loginUser)) {
//            response.getWriter().write("{\"success\":false,\"message\":\"noLogin\"}");
//            return false;
//        }


//        Manager manager = (Manager) loginUser;

//        if (handler instanceof HandlerMethod) {
//            HandlerMethod handlerMethod = (HandlerMethod) handler;
//            Method method = handlerMethod.getMethod();
//            //2 权限拦截
//            //2.1判断用户要访问的资源的url需不需要权限，如果不需要权限就放行，判断当前这个资源要访问的controller的方法上面有没有注解
//            MyPermission permission = method.getAnnotation(MyPermission.class);
//            if (Objects.isNull(permission)) {
//                return true;
//            }
//
//            //2.2如果资源需要权限，判断用户有没有当前要访问的权限
//            //2.2.1拿到用户所拥有的权限 类名:方法名
//            List<String> permissionSns = permissionMapper.loadPermissionSnsByManagerId(manager.getId());
//            //2.2.2判断用户拥有的权限里面包含这个资源的权限
//            Class<?> aClass = method.getDeclaringClass();
//            String sn = aClass.getSimpleName() + ":" + method.getName();
//
//            if (!permissionSns.contains(sn)) {
//
//                response.getWriter().write("{\"success\":false,\"message\":\"noPermission\"}");
//                return false;
//            }
//        }

        return true;

    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
    }




}
